package cn.hp.controller;

import javax.servlet.http.HttpSession;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

import cn.hp.utils.ActiveUser;

@Controller
@RequestMapping("/login")
public class LoginController {
	
	//跳转到登录页面
	@RequestMapping("/toLogin")
	public String toLogin(){
		return "login";
	}
	
	//登陆的方法
	@RequestMapping("/login")
	public String login(String username,String password,HttpSession session){
		//1.获得主体subject
		Subject subject = SecurityUtils.getSubject();
		//2.封装用户名和密码
		UsernamePasswordToken token=new UsernamePasswordToken(username, password);
		//3.完成登录
		try {
			subject.login(token);
			//获得用户信息
			ActiveUser activeUser = (ActiveUser) subject.getPrincipal();
			session.setAttribute("activeUser", activeUser);
			
			return "redirect:/user/loadAllUser";
			
		} catch (AuthenticationException e) {
			System.out.println("用户名或者密码不正确");
		}
		
		return "redirect:/index.html";
	}
}
